Recherche : [PHP-CGI]

GreyNoise Detects Mass Exploitation of Critical PHP-CGI Vulnerability (CVE-2024-4577) https://www.greynoise.io/blog/mass-exploitation-critical-php-cgi-vulnerability-cve-2024-457?is=e4f6b16c6de31130985364bb824bcb39ef6b2c4e902e4e553f0ec11bdbefc118

12/03/2025 08:36:52

‍GreyNoise data confirms that exploitation of CVE-2024-4577 extends far beyond initial reports. Attack attempts have been observed across multiple regions, with notable spikes in the United States, Singapore, Japan, and other countries throughout January 2025.

CVE-2024-4577 RCE in PHP CGI: Everything you need to know | Wiz Blog https://www.wiz.io/blog/critical-rce-php-cgi-vulnerability

11/06/2024 16:56:23

Detect and mitigate CVE-2024-4577, a critical remote code execution vulnerability in PHP CGI. Organizations are advised to patch urgently.

Security Alert: CVE-2024-4577 - PHP CGI Argument Injection Vulnerability https://devco.re/blog/2024/06/06/security-alert-cve-2024-4577-php-cgi-argument-injection-vulnerability-en/?ref=labs.watchtowr.com

07/06/2024 13:50:51

While implementing PHP, the team did not notice the Best-Fit feature of encoding conversion within the Windows operating system. This oversight allows unauthenticated attackers to bypass the previous protection of CVE-2012-1823 by specific character sequences. Arbitrary code can be executed on remote PHP servers through the argument injection attack.

Liens par page

Filtres